Our take on privacy
It may sometimes seem a little cumbersome to read privacy statements. That is why I am glad that you are taking the time.
We at ISMS Connect have no interest in collecting data from you, that we don’t need to fulfill our service. See below what type of data we handle and why. Feel free to inquire us any time with your question regarding privacy.
– Christopher Eller, owner of ISMS Connect –
What we collect and why
Below you find a description of each data processing procedure as well as a detailed description of the legal basis for the data collect as well as the retention times.
Regarding Retention: Please note that our system backups may contain your personal data. So if the retention time expires or you delete your account, it may take additional 30 days until all information is completely gone from our backup systems.
If you order some of our services, the information you provide is used to process your order and write an invoice. As we offer subscription and user accounts, this information is retained as long your account is existent to allow reordering or renewing your subscription. Your IP address will be saved together with your order to protect us against fraud through incorrect orders.
We use the service provider “Stripe” to process your payment. They carry out a risk analysis based on the data entered. The processing of your payment and payment data is the responsibility of these providers. We use this provider to carry out SEPA & Credit Card Payments because we were target of fraudulent orders in the past. But if you do not feel comfortable with sharing your data with a third party for payment, you can contact us and we will set up traditional bank transfer for you. In that case, you will pay us directly.
If you haven an account, free or paid, you can access the information available to you by using the login data provided (“Subscription”). You can use your account to request renewal of the product or deletion of all your data.
When you use our product, we will record your progress in processing the training courses in the Academy module to allow you to continue the course at any time where you left off. Also, we access this progress value in support cases to help understand where you have trouble. If the subscription you ordered expires, your account will not be automatically deleted to allow you accessing free content and to resume your subscription.
We combine your support requests, your subscription information and your progress in trainings in a single customer database to better understand your project progress and to support you in the best possible way when interacting with us.
You also have the possibility to participate in the members’ forum under your name or send messages to other members. Your name, which can be pseudonymized or changed in the profile settings at any time, will appear in the platform for other users when they use the Academy, for example. Other users have the possibility to contact you under this name via chat.
You may want to invite your team members to your account, therefore invited team members will also have an profile identified by their E-Mail and Password. Also, they will have an profile with public information (like nickname) for the forum just like your profile.
If someone reports fraudulent or aggressive behavior, we may look into community messages or posts that are objectives to those reports.
Occasionally we may invite customers to video sessions where problems or questions in customer projects are discussed. All customers that participate in those sessions are asked to keep shared information confidentially. However, its still a public forum. If all participants agree, we may record these sessions and share them on the website with other customers.
If you contact us (for example to get an offer or information about our product) by e-mail or the contact forms provided, the information you provide will be stored in order to answer your request and help you with additional requests. We will link multiple requests in our Helpdesk System and our customer database based on the sender e-mail to better understand your request and your project.
If you use the contact bubble in the right corner, our service provider Helpscout will additionally receive your IP and the help articles you clicked to help us link your request to your previous requests from you and to understand what problem you where facing.
In order to display our website, to ensure the stability and security of the site and to statistically evaluate visits, we collect the data your browser sends to us (IP Adress, time, browser version, Operating system). Additionally, the contact form in the lower right corner is directly loaded from our service provider help scout when you call the site. Helpscout is a paid provider which operates under an contract with us. We use “Matomo” to analyze visitors as well as a Web Application Firewall to protect against attacks. Read further under “Details”.
We use the Google search engine to place advertisements that link to this page. Usually Google Analytics is integrated as a tracking script on websites to monitor the user’s session and measure how they behave. We don’t do so.
Although we do not use Google Analytics, we rely on measuring the success of the ads (“Which ad makes customers buy something?”). We have implemented a solution that protects you from Google Analytics and allows us to measure the success of ads. Read more under “Details”.
Cookies are small text files that are stored by your web browser: e.g. with the contents of your shopping basket in the online shop. This information is sent back to us by your browser when you call up the website again and we can show your shopping basket or allow you to skip the log in. All cookies we use are so called “first party cookies”. Read further under “Cookies”.